Papers

Apurva Virkud, Muhammad Adil Inam, Andy Riddle, Jason Liu, Gang Wang, and Adam Bates.

How does Endpoint Detection use the MITRE ATT&CK Framework?.

33rd USENIX Security Symposium (Security'24). Philadelphia, PA, USA. August 14, 2024.

Akul Goyal, Gang Wang, and Adam Bates.

R-CAID: Embedding Root Cause Analysis within Provenance-based Intrusion Detection.

45th IEEE Symposium on Security and Privacy (Oakland'24). San Francisco, CA, USA. May 20, 2024.

Mahmood Sharif, Pubali Datta, Andy Riddle, Kim Westfall, Adam Bates, Vijay Ganti, Matthew Lentz, and David Ott.

DrSec: Flexible Distributed Representations for Efficient Endpoint Security..

45th IEEE Symposium on Security and Privacy (Oakland'24). San Francisco, CA, USA. May 20, 2024.

Isaac Polinsky, Pubali Datta, Adam Bates, and Will Enck.

GRASP: Hardening Serverless Applications through Graph Reachability Analysis of Security Policies.

The Web Conference. Singapore. May 13, 2024.

Yi-Shyuan Chiang, Omar Khan, Adam Bates, and Camille Cobb.

More than just informed: The importance of consent facets in smart homes.

ACM CHI Conference on Human Factors in Computing Systems. Honolulu, HI, USA. May 11, 2024.

Muhammad Adil Inam, Yinfang Chen, Akul Goyal, Jason Liu, Jaron Mink, Noor Michael, Sneha Gaur, Adam Bates, and Wajih Ul Hassan.

SoK: History is a Vast Early Warning System: Auditing the Provenance of System Intrusions.

44th IEEE Symposium on Security and Privacy (Oakland'23). San Francisco, CA, USA. May 22, 2023.

Phoebe Moh, Pubali Datta, Noel Warford, Adam Bates, Nathan Malkin, and Michelle L. Mazurek.

Characterizing Everyday Misuse of Smart Home Devices.

44th IEEE Symposium on Security and Privacy (Oakland'23). San Francisco, CA, USA. May 22, 2023.

Akul Goyal, Xueyuan Han, Gang Wang, and Adam Bates.

Sometimes, You Aren't What You Do: Mimicry Attacks against Provenance Graph Host Intrusion Detection Systems.

30th ISOC Network and Distributed System Security Symposium (NDSS'23). San Diego, CA, USA. February 27, 2023.

Muhammad Adil Inam, Akul Goyal, Jason Liu, Jaron Mink, Noor Michael, Sneha Gaur, Adam Bates, and Wajih Ul Hassan.

FAuST: Striking a Bargain between Forensic Auditing's Security and Throughput.

38th Annual Computer Security Applications Conference (ACSAC'22). Austin, TX, USA. December 5, 2022.

Ayoosh Bansal, Anant Kandikuppa, Chien-Ying Chen, Monowar Hasan, Adam Bates and Sibin Mohan.

Towards Efficient Auditing for Real-Time Systems.

27th European Symposium on Research in Computer Security (ESORICS'22). Copenhagen, Denmark. September 26, 2022.

Joshua Reynolds, Adam Bates and Michael Bailey.

Equivocal URLs: Understanding the Fragmented Space of URL Parser Implementations.

27th European Symposium on Research in Computer Security (ESORICS'22). Copenhagen, Denmark. September 26, 2022.

Pubali Datta, Isaac Polinsky, Muhammad Adil Inam, Adam Bates, and Will Enck.

ALASTOR: Reconstructing the Provenance of Serverless Intrusions.

31st USENIX Security Symposium (Security'22). Boston, MA, USA. August 10, 2022.

Jason Liu, Anant Kandikuppa, and Adam Bates.

Transparent DIFC: Harnessing Innate Application Event Logging for Fine-Grained Decentralized Information Flow Control.

7th IEEE European Symposium on Security and Privacy (EuroSP'22). Genoa, Italy. June 6, 2022.

Jaron Mink, Amanda Rose Yuile, Uma Pal, Adam Aviv, and Adam Bates.

Users Can Deduce Sensitive Locations Protected by Privacy Zones on Fitness Tracking Apps.

ACM CHI Conference on Human Factors in Computing Systems (CHI'22). New Orleans, LA, USA. April 30, 2022.

Muhammad Adil Inam, Wajih Ul Hassan, Ali Ahad, Adam Bates, Rashid Tahir, Tianyin Xu, and Fareed Zaffar.

Forensic Analysis of Configuration-based Attacks.

29th ISOC Network and Distributed System Security Symposium (NDSS'22). San Diego, CA, USA. February 27, 2022.

Carter Yagemann, Mohammad Noureddine, Wajih Ul Hassan, Simon Chung, Adam Bates, and Wenke Lee.

Validating the Integrity of Audit Logs Against Execution Repartitioning Attacks.

28th ACM Conference on Computer and Communications Security (CCS'21). Seoul, South Korea. November 15, 2021.

Nick Roessler, Lucas Atayde, Imani Palmer, Derrick McKee, Jai Pandey, Vasileios P. Kemerlis, Mathias Payer, Adam Bates, Jonathan M. Smith, Andre DeHon, and Nathan Dautenhahn.

muSCOPE: A Methodology for Analyzing Least-Privilege Compartmentalization in Large Software Artifacts.

24th International Symposium on Research in Attacks, Intrusions and Defenses (RAID'21). Donostia / San Sebastian, Spain. October 6, 2021.

Benjamin E. Ujcich, Samuel Jero, Richard Skowyra, Adam Bates, William H. Sanders, and Hamed Okhravi.

Causal Analysis for Software-Defined Networking Attacks.

30th USENIX Security Symposium (Security'21). The Internet. August 13, 2021.

Isaac Polinsky, Pubali Datta, Adam Bates, and Will Enck.

SCIFFS: Enabling Secure Third-Party Security Analytics using Serverless Computing.

ACM Symposium on Access Control Models and Technologies (SACMAT'21). The Internet. June 18, 2021.

Arnav Sankaran, Pubali Datta, and Adam Bates.

Workflow Integration Alleviates Identity and Access Management in Serverless Computing.

36th Annual Computer Security Applications Conference. The Internet. December 7, 2020.

Wajih Ul Hassan, Ding Li, Kangkook Jee, Xiao Yu, Kexuan (Klaus) Zou, Dawei Wang, Zhengzhang Chen, Zhichun Li, Junghwan Rhee, Jiaping Gui, and Adam Bates.

This is Why We Can't Cache Nice Things: Lightning-Fast Threat Hunting using Suspicion-Based Hierarchical Storage.

36th Annual Computer Security Applications Conference. The Internet. December 7, 2020.

Noor Michael, Jaron Mink, Jason Liu, Sneha Gaur, Wajih Ul Hassan, and Adam Bates.

On the Forensic Validity of Approximated Audit Logs.

36th Annual Computer Security Applications Conference. The Internet. December 7, 2020.

Riccardo Paccagnella, Kevin Liao, Dave (Jing) Tian, and Adam Bates.

Logging to the Danger Zone: Race Condition Attacks and Defenses on System Audit Frameworks.

27th ACM Conference on Computer and Communications Security (CCS'20). The Internet. November 9, 2020.

Benjamin E. Ujcich, Adam Bates, and William H. Sanders.

Provenance for Intent-Based Networking.

2020 IEEE Conference on Network Softwarization (NetSoft '20). The Internet. June 29, 2020.

Wajih Ul Hassan, Adam Bates, and Daniel Marino.

Tactical Provenance Analysis for Endpoint Detection and Response Systems.

41st IEEE Symposium on Security and Privacy (Oakland'20). The Internet. May 18, 2020.

Pubali Datta, Prabuddha Kumar, Tristan Morris, Michael Grace, Amir Rahmati, and Adam Bates.

Valve: Securing Function Workfows on Serverless Computing Platforms.

The Web Conference (WWW'20). Taipei, Taiwan. April 20, 2020.

Xueyuan Han, Thomas Pasquier, Adam Bates, James Mickens, and Margo Seltzer.

UNICORN: Runtime Provenance-Based Detector for Advanced Persistent Threats.

27th ISOC Network and Distributed System Security Symposium (NDSS'20). San Diego, CA, USA. February 23, 2020.

Wajih Ul Hassan, Mohammad Ali Noureddine, Pubali Datta, and Adam Bates.

OmegaLog: High-Fidelity Attack Investigation via Transparent Multi-layer Log Analysis.

27th ISOC Network and Distributed System Security Symposium (NDSS'20). San Diego, CA, USA. February 23, 2020.

Riccardo Paccagnella, Pubali Datta, Wajih Ul Hassan, Adam Bates, Christopher Fletcher, Andrew Miller, and Dave Tian.

CUSTOS: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution.

27th ISOC Network and Distributed System Security Symposium (NDSS'20). San Diego, CA, USA. February 23, 2020.

Benjamin E. Ujcich, Samuel Jero, Richard Skowyra, Steven R. Gomez, Adam Bates, William H. Sanders, and Hamed Okhravi.

Automated Discovery of Cross-Plane Event-Based Vulnerabilities in Software-Defined Networking.

27th ISOC Network and Distributed System Security Symposium (NDSS'20). San Diego, CA, USA. February 23, 2020.

Qi Wang, Pubali Datta, Wei Yang, Si Liu, Carl Gunter, and Adam Bates.

Charting the Attack Surface of Trigger-Action IoT Platforms.

26th ACM Conference on Computer and Communications Security (CCS'19). London, UK. November 11, 2019.

Deepak Kumar, Riccardo Paccagnella, Paul Murley, Eric Hennenfent, Joshua Mason, Adam Bates, and Michael Bailey.

Emerging Threats in IoT Voice Services.

IEEE Security and Privacy Magazine. July 9, 2019.

Adam Bates and Wajih Ul Hassan.

Can Data Provenance Put an End to the Data Breach?.

IEEE Security and Privacy Magazine. July 9, 2019.

Wajih Ul Hassan, Shengjian Guo, Ding Li, Zhengzhang Chen, Kangkook Jee, Zhichun Li, and Adam Bates.

NoDoze: Combatting Threat Alert Fatigue with Automated Provenance Triage.

26th ISOC Network and Distributed System Security Symposium (NDSS'19). San Diego, CA, USA. February 24, 2019.

Thomas Pasquier, Xueyuan Han, Thomas Moyer, Adam Bates, Olivier Hermant, David Eyers, Jean Bacon, and Margo Seltzer.

Runtime Analysis of Whole-System Provenance.

25th ACM Conference on Computer and Communications Security (CCS'18). Toronto, Ontario, Canada. October 15, 2018.

Benjamin E. Ujcich, Samuel Jero, Anne Edmundson, Qi Wang, Richard Skowyra, James Landry, Willam H. Sanders, Christina Rita-Notaru, and Hamed Okravi.

Cross-App Poisoning in Software-Defined Networking.

25th ACM Conference on Computer and Communications Security (CCS'18). Toronto, Ontario, Canada. October 15, 2018.

Wajih Ul Hassan, Saad Hussain, and Adam Bates.

Analysis of Privacy Protections in Fitness Tracking Social Networks -or- You can run, but can you hide?.

27th USENIX Security Symposium (Security'18). Baltimore, MD, USA. August 16, 2018.

Deepak Kumar, Riccardo Paccagnella, Paul Murley, Eric Hennenfent, Joshua Mason, Adam Bates, and Michael Bailey.

Skill Squatting Attacks on Amazon Alexa.

27th USENIX Security Symposium (Security'18). Baltimore, MD, USA. August 15, 2018.

Tianyuan Liu, Avesta Hojjati, Adam Bates and Klara Nahrstedt.

AliDrone: Enabling Trustworthy Proof-of-Alibi for Commercial Drone Compliance.

38th IEEE International Conference on Distributed Computing Systems (ICDCS'18). Vienna, Austria. July 5, 2018.

Dave (Jing) Tian, Nolen Scaife, Deepak Kumar, Michael Bailey, Adam Bates, and Kevin R. B. Butler.

SoK: 'Plug and Pray' Today -- Understanding USB Insecurity in Versions 1 through C.

39th IEEE Symposium on Security and Privacy (Oakland'18). San Francisco, CA, USA. May 23, 2018.

Wajih Ul Hassan, Mark Lemay, Nuraini Aguse, Adam Bates, and Thomas Moyer.

Towards Scalable Cluster Auditing through Grammatical Inference over Provenance Graphs.

25th ISOC Network and Distributed System Security Symposium (NDSS'18). San Diego, CA, USA. February 17, 2018.

Qi Wang, Wajih Ul Hassan, Adam Bates, and Carl Gunter.

Fear and Logging in the Internet of Things.

25th ISOC Network and Distributed System Security Symposium (NDSS'18). San Diego, CA, USA. February 17, 2018.

Adam Bates, Dave (Jing) Tian, Grant Hernandez, Thomas Moyer, Kevin R. B. Butler, and Trent Jaeger.

Taming the Costs of Trustworthy Provenance through Policy Reduction.

ACM Transactions on Internet Technology (TOIT). September 1, 2017.

Bradley Reaves, Jasmine Bowers, Nolen Scaife, Adam Bates, Arnav Bhartiya, Patrick Traynor, and Kevin R.B. Butler.

Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications.

ACM Transactions on Privacy and Security: Volume 20, Issue 3. August 1, 2017.

Benjamin E. Ujcich, Adam Bates, and William H. Sanders.

A Provenance Model for the European Union General Data Protection Regulation.

7th International Provenance and Annotation Workshop (IPAW'18). London, UK. July 9, 2017.

Benjamin E. Ujcich, Andrew Miller, Adam Bates, and William H. Sanders.

Towards an Accountable Software-Defined Networking Architecture.

3rd IEEE Conference on Network Softwarization. Bologna, Italy. July 4, 2017.

Adam Bates, Wajih Ul Hassan, Kevin Butler, Alin Dobra, Bradley Reaves, Patrick Cable, Thomas Moyer,and Nabil Schear.

Transparent Web Service Auditing via Network Provenance Functions .

26th World Wide Web Conference (WWW'17). Perth, Australia. April 6, 2017.

Thomas Moyer, Patrick Cable, Karishma Chada, Robert Cunningham, Nabil Schear, Warren Smith, Adam Bates, Kevin Butler, Frank Capobianco, and Trent Jaeger..

Leveraging Data Provenance to Enhance Cyber Resilience.

1st IEEE Cybersecurity Development Conference (SecDev'16). Boston, MA, USA. November 4, 2016.

Dave (Jing) Tian, Adam Bates, Kevin R. B. Butler, and Raju Rangaswami.

ProvUSB: Block-level Provenance-Based Data Protection for USB Storage Devices.

23rd ACM Conference on Computer and Communications Security (CCS'16). Vienna, Austria. October 25, 2016.

Adam Bates, Devin J. Pohly, and Kevin R. B. Butler.

Secure and Trustworthy Provenance Collection for Digital Forensics.

Digital Fingerprinting (Springer). October 1, 2016.

Dave (Jing) Tian, Nolen Scaife, Adam Bates, Kevin R. B. Butler, and Patrick Traynor.

Making USB Great Again with USBFILTER.

2016 USENIX Security Symposium (Security'16). Austin, TX, USA. August 11, 2016.

Dave (Jing) Tian, Adam Bates, and Kevin R.B. Butler.

Defending Against Malicious USB Firmware with GoodUSB.

31st Annual Computer Security Applications Conference (ACSAC'15). Los Angeles, California, USA. December 7, 2015.

Bradley Reaves, Ethan Shernan, Adam Bates, Hank Carter, and Patrick Traynor.

Boxed Out: Blocking Cellular Interconnect Bypass Fraud at the Network Edge.

24th USENIX Security Symposium (Security'15). Washington D.C., USA. August 14, 2015.

Adam Bates, Dave Tian, Kevin R.B. Butler, and Thomas Moyer.

Trustworthy Whole-System Provenance for the Linux Kernel.

24th USENIX Security Symposium (Security'15). Washington D.C., USA. August 13, 2015.

Bradley Reaves, Nolen Scaife, Adam Bates, Kevin R.B. Butler, and Patrick Traynor.

Mo(bile) Money, Mo(bile) Problems:Analysis of Branchless Banking Applications in the Developing World.

24th USENIX Security Symposium (Security'15). Washington D.C., USA. August 12, 2015.

Adam Bates, Kevin R.B. Butler, and Thomas Moyer.

Take Only What You Need:Leveraging Mandatory Access Control Policy to Reduce Provenance Storage Costs.

7th International Workshop on Theory and Practice of Provenance (TaPP'15). Edinburgh, Scotland. July 9, 2015.

Adam Bates, Kevin Butler, Micah Sherr, Clay Shields, Patrick Traynor, and Dan Wallach.

Accountable Wiretapping -or- I Know They Can Hear You Now.

Journal of Computer Security: Volume 23, Issue 2, Pages 167-195. January 1, 2015.

Adam Bates, Joe Pletcher, Tyler Nichols, Braden Hollembaek, Jing (Dave) Tian, Abdulrahman Alkhelaifi, and Kevin R.B. Butler.

Securing SSL Certificate Validation through Dynamic Linking.

21st ACM Conference on Computer and Communications Security (CCS'14). Scottsdale, AZ, USA. November 5, 2014.

Adam Bates, Joe Pletcher, Tyler Nichols, Braden Hollembaek, and Kevin R.B. Butler.

Forced Perspectives: Evaluating an SSL Trust Enhancement at Scale.

14th ACM SIGCOMM Conference on Internet Measurement (IMC'14). Vancouver, BC, Canada. November 5, 2014.

Adam Bates, Ben Mood, Joe Pletcher, Hannah Pruse, Masoud Valafar, and Kevin Butler.

On Detecting Co-Resident Cloud Instances Using Network Flow Watermarking Techniques.

International Journal of Information Security: Volume 13, Issue 2, pg. 171-189. April 1, 2014.

Adam Bates, Ryan Leonard, Hannah Pruse, Kevin Butler, and Daniel Lowd.

Leveraging USB to Establish Host Identity Using Commodity Devices.

21st ISOC Network and Distributed System Security Symposium (NDSS'14). San Diego, CA, USA. February 25, 2014.

Adam Bates, Kevin Butler, Andreas Haeberlen, Micah Sherr and Wenchao Zhou.

Let SDN Be Your Eyes: Secure Forensics in Data Center Networks.

2014 NDSS Workshop on Security of Emerging Network Technologies (SENT'14). San Diego, CA, USA. February 23, 2014.

Adam Bates, Ben Mood, Masoud Valafar, and Kevin Butler.

Towards Secure Provenance-based Access Control in Cloud Environments.

3rd ACM Conference on Data and Application Security and Privacy (CODASPY'13). San Antonio, TX, USA. February 19, 2013.

Adam Bates, Ben Mood, Joe Pletcher, Hannah Pruse, Masoud Valafar, and Kevin Butler.

Detecting Co-Residency with Active Traffic Analysis Techniques.

2012 ACM Workshop on Cloud Computing Security (CCSW'12). Raleigh, NC, USA. October 19, 2012.

Adam Bates, Kevin Butler, Micah Sherr, Clay Shields, Patrick Traynor, and Dan Wallach.

Accountable Wiretapping -or- I Know They Can Hear You Now.

19th ISOC Network and Distributed System Security Symposium (NDSS'12). San Diego, CA, USA. February 7, 2012.